Endpoint Security: 6 Questions To Ask Before You Buy - InformationWeek


4/23/2007
09:07 PM

Endpoint Security: 6 Questions To Ask Before You Buy

Here's a roadmap, suggestions on price points, and a guide on what you need to assess before you purchase any endpoint security product for your enterprise.

In the past year we have seen dozens of endpoint security products come to market, trying to fill a niche that represents a very real threat to enterprise networks. But how do corporate IT managers evaluate these kinds of products? In this article, we'll provide a roadmap, some suggestions on price points, and ways to sift through all of the products. Here are the six questions to address before you purchase any endpoint solution.

Endpoint Solutions: 6 Questions To Ask Before You Buy
1. What pieces should you implement now?
2. What security and network infrastructure do you have already?
3. What on your network are you really protecting?
4. Do you manage all of your desktops?
5. Do you have non-PC endpoints to manage?
6. Where will you create and enforce your security policies?

1) What pieces of the endpoint security picture are most important to implement now?

Endpoint security means a lot of different things to different people. For the purposes of our discussion, we outline the following five elements that any endpoint solution should contain. Your needs may differ, and you may want to implement one or two items now and plan for upgrading to the remaining elements down the road when you can get more of the project funded.

  • Policy definition. You should be able to set and maintain a variety of security policies for different user populations, locations and machine populations, and be able to easily modify them.
  • Detection. No matter whether your users are in your local headquarters or connect to your enterprise network from a remote location, your system should be able to detect them. This includes using agents or agent-less operations on each client.
  • Health assessment. Your ultimate system should be able to scan the endpoint and determine compliance with your policies. Ideally, the scans should take place prior to any network access, but your system should also allow other checks to occur after login too.
  • Enforcement. Your policies determine what network resources should be protected, including switches, VPNs, servers, and so forth. You should be able to quarantine resources or refuse network access entirely, depending on policies.
  • Remediation. If clients don't pass muster, what happens? The ideal system should kick off anti-virus signature updates, or apply patches to the OS, or other measures. Remember, the goal here is to have everyone eventually connect securely to your network. This is probably the area that most IT managers would like to see implemented first, yet it is where most solutions are weakest. The problem is that remediation is tricky, and depends on a lot of individual pieces of software and hardware to work properly.
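
As an added illustration (not from the article or from any vendor's product), the sketch below runs the five elements as one admission pipeline for a connecting client. The population names, thresholds, check names, and sample endpoints are all hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Policy definition: one rule set per user population (names and limits are hypothetical).
POLICIES = {
    "employee":   {"max_av_age": 3, "max_patch_age": 30, "on_fail": "quarantine"},
    "contractor": {"max_av_age": 1, "max_patch_age": 14, "on_fail": "deny"},
}

@dataclass
class Endpoint:
    # Detection output: what an agent or agent-less scan reported for one client.
    host: str
    population: str
    av_age_days: Optional[int]      # None means the scan could not read the value
    patch_age_days: Optional[int]
    firewall_on: Optional[bool]

def assess(ep, policy):
    """Health assessment: return (finding, remediation) pairs for each failed check."""
    failed = []
    # Unknown values count as failures, so an unreadable client is never treated as healthy.
    if ep.av_age_days is None or ep.av_age_days > policy["max_av_age"]:
        failed.append(("av_signatures_stale", "update_av_signatures"))
    if ep.patch_age_days is None or ep.patch_age_days > policy["max_patch_age"]:
        failed.append(("os_patches_missing", "apply_os_patches"))
    if ep.firewall_on is not True:
        failed.append(("firewall_off", "enable_host_firewall"))
    return failed

def admit(ep):
    """Enforcement and remediation: decide network access and list the fixes to start."""
    policy = POLICIES.get(ep.population)
    if policy is None:  # no policy defined for this population: refuse access
        return {"host": ep.host, "decision": "deny", "findings": ["no_policy"], "remediation": []}
    failed = assess(ep, policy)
    decision = "allow" if not failed else policy["on_fail"]
    return {"host": ep.host, "decision": decision,
            "findings": [f for f, _ in failed], "remediation": [r for _, r in failed]}

# Constructed sample endpoints, not data from the article.
SAMPLES = [
    Endpoint("hq-desktop-01", "employee", 1, 10, True),
    Endpoint("remote-laptop-07", "employee", 9, 45, True),
    Endpoint("vendor-pc-02", "contractor", None, 5, None),
    Endpoint("lobby-kiosk", "guest", 0, 0, True),
]

if __name__ == "__main__":
    for ep in SAMPLES:
        print(admit(ep))
```

The remediation list is only a work order: as the Remediation item notes, carrying it out depends on the anti-virus, patching, and network products actually deployed.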

There are three overall architectural approaches that are being worked on currently: Microsoft's Network Access Protection (NAP), Cisco's Network Admission Control (NAC), and the Trusted Computing Group's Trusted Network Connect (TNC).

Cisco's NAC is the closest of the three to being actually implemented. It does so by controlling access to the network layer through implementing modules in its switches and routers for both Windows and Linux clients. You'll need to mix and match several vendors to cover the five elements mentioned above, because Cisco doesn't supply everything. Its architecture is strong on enforcement and detection and short on remediation.
